I am guessing wild here, never done. mod_proxy + mod_rewrite
Rewrite all urls requesting static content to point to a url where web2py responds with a url pointing to localhost. Correct url content is fetched by proxy from apache itself on localhost (there you have <Location> that cannot be reached by outside) and served back to the user. mic 2011/4/28 Massimo Di Pierro <[email protected]>: > I am looking for an apache module to do the following: > > Let's say I have web2py running under http://example.com behind apache > (mod_wsgi, mod_proxy, or other does not matter) and apache is also > serving static files from a non-web2py-related folder. > > I want to restrict access to some of the static files depending on > whether the user has logged into web2py or not. > > There are ways to do it using mod_auth_tkt, mod_auth_pubtkt, etc. but > they are all more complex than need to be. > > I would like an apache module that works like this: > > - when a user visits the url for one of the static files > - the web server makes an http request (not a redirect) to a URL I > specify in the configuration (the url of a web2py page) > - passes the cookies along with the request > - if the request succeeds, the web server returns the original > requested file > - if the request fails with not-authorized, the web server returns not > authorized > - if the request redirects, the web server also redirects (assuming to > a login page) > - the body of the response of the background request is ignored and > irrelevant. > > Is there an apache module to do this? I cannot find one and yet it > seems so obvious. > > Massimo > > P.S. I know I can do this with mod_wsgi by calling a wsgi script but I > want to do it with an http request instead. > > >
